htmlcoderhelper graphics
htmlcoderhelper graphics v1.0.6 LFI Vulnerability
MT Fire Eagle
LFI http://joomlacode.org/gf/project/jfireeagle/frs/ http://www.moto-treks.com 190410 product considered retired and to be replaced by dev
JE Tooltip
JE Tooltip LFI Updated 23 March
QContacts
http://extensions.joomla.org/extensions/contacts-and-feedback/contact-details/4811 Version: 1.0.4 reported, current version 1.0.6 220710 Devleoper states unproven report and no POC
JPodium
http://www.jpodium.de/ SQL Injection 060710 Devs statement as to not proven
Super Messenger
axxis.gr xss 190610
Info Line (MT_ILine)
http://extensions.joomla.org/extensions/news-display/news-tickers-a-scrollers/8425 reports of shell scripts in download file 120610
BCA RSS Feed
LFI and other vulnerabilities Upgrade to Ninja RSS Syndicator 1.0.9 or later
Ultimate Portfolio
Ultimate Portfolio Local File Inclusion Vulnerability
com properties
http://com-property.com/ SQL I developer announced fix